Overview

overview

7

Static

static

3

crack/backup.exe

windows7-x64

3

crack/backup.exe

windows10-2004-x64

3

hb52.exe

windows7-x64

7

hb52.exe

windows10-2004-x64

7

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$SYSDIR/hblogon.dll

windows7-x64

6

$SYSDIR/hblogon.dll

windows10-2004-x64

6

HBShell.dll

windows7-x64

1

HBShell.dll

windows10-2004-x64

1

Plugins/ICQPlugin.dll

windows7-x64

1

Plugins/ICQPlugin.dll

windows10-2004-x64

1

Plugins/Ou...in.dll

windows7-x64

1

Plugins/Ou...in.dll

windows10-2004-x64

1

Plugins/Re...in.dll

windows7-x64

1

Plugins/Re...in.dll

windows10-2004-x64

1

Plugins/Sp...in.dll

windows7-x64

1

Plugins/Sp...in.dll

windows10-2004-x64

1

StarBurn.dll

windows7-x64

1

StarBurn.dll

windows10-2004-x64

1

WnASPI32.dll

windows7-x64

6

WnASPI32.dll

windows10-2004-x64

6

backup.chm

windows7-x64

1

backup.chm

windows10-2004-x64

1

backup.exe

windows7-x64

3

backup.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    e023a5793f031084f4a808f1bf8900ea

  • Size

    3.4MB

  • MD5

    e023a5793f031084f4a808f1bf8900ea

  • SHA1

    168322c10de6cfddc4b366e1d11e56b4512f6e2c

  • SHA256

    a74eda4391c722bdca03829054b00bcbea11cf2666dbc1904a08ba95e327ae0c

  • SHA512

    5b37f3ad3038b089ee6c6b398064f7fdacf27a293fc161b136ebbdd842dcf729c060e910a2ead9329a87ed7742e65a42621c320896f328b3bf8cf8a7df1554f8

  • SSDEEP

    98304:NQjlEjFhDEBvsgBeKLH7bJlZqOqZia7LXSHcMOO5qC:NMGMlsgBeobb2pfXNQL

Score
3/10

Malware Config

Signatures

  • Unsigned PE 23 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • e023a5793f031084f4a808f1bf8900ea
    .rar
  • crack/backup.exe
    .exe windows:4 windows x86 arch:x86

    1c827931288698047756b0370ba75907


    Headers

    Imports

    Exports

    Sections

  • crack/下载说明.htm
    .html .js polyglot
  • hb52.exe
    .exe windows:4 windows x86 arch:x86

    a3b0ee1fb29253dbfbd34b387e7a55c9


    Headers

    Imports

    Sections

  • $PLUGINSDIR/GetVersion.dll
    .dll windows:4 windows x86 arch:x86

    e68b707a8a870eb0463fa562e1b2db9b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    9d433976e02d79532f0d635ee81d0b20


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    48cfa0ea7e353e4a7dd23572da8374ef


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/custom_dvd.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $SYSDIR/hblogon.dll
    .dll windows:4 windows x86 arch:x86

    a0791e4e826c1fe920dd881a7684ac91


    Headers

    Imports

    Exports

    Sections

  • HBShell.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    422c26266440745e2016dc337b160995


    Headers

    Imports

    Exports

    Sections

  • Plugins/ICQPlugin.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    56b457dbfda51e1c1978134628bff9a6


    Headers

    Imports

    Exports

    Sections

  • Plugins/OutlookPlugin.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    f08ea1255f1ca970061e73abd2457b20


    Headers

    Imports

    Exports

    Sections

  • Plugins/RegistryPlugin.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    6cbfaa647adaba64ed0af1584d456d5c


    Headers

    Imports

    Exports

    Sections

  • Plugins/SpecialFoldersPlugin.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    8d27a3d3c8ffaac5b080405aa486cc9f


    Headers

    Imports

    Exports

    Sections

  • StarBurn.dll
    .dll windows:5 windows x86 arch:x86

    31f82d410931fb5d97874325938b991f


    Headers

    Imports

    Exports

    Sections

  • WnASPI32.dll
    .dll windows:5 windows x86 arch:x86

    235af935f9a30a562c53c2b963841db5


    Headers

    Imports

    Exports

    Sections

  • backup.chm
    .chm
  • backup.exe
    .exe windows:4 windows x86 arch:x86

    1c827931288698047756b0370ba75907


    Headers

    Imports

    Exports

    Sections

  • cdwr.dll
    .dll windows:4 windows x86 arch:x86

    aa65bffff33df556cad62faee6a554f5


    Headers

    Imports

    Exports

    Sections

  • dvdwr.dll
    .dll windows:4 windows x86 arch:x86

    b5e7296d4d5b10d7523042aa8d9a134c


    Headers

    Imports

    Exports

    Sections

  • eula.txt
  • hbagent.exe
    .exe windows:4 windows x86 arch:x86

    423d62396366e18937162a282d59721b


    Headers

    Imports

    Sections

  • messages.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • readme.txt
  • tips.txt
  • uihooks.dll
    .dll windows:4 windows x86 arch:x86

    e09086b2034c796ee1a7da5b2178c2db


    Headers

    Imports

    Exports

    Sections

  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    a3b0ee1fb29253dbfbd34b387e7a55c9


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • ziplib.dll
    .dll windows:4 windows x86 arch:x86

    3cc5089e126a553329830379d8f23562


    Headers

    Imports

    Exports

    Sections

  • 下载说明.htm
    .html .js polyglot